The European Commission formally adopted the EU-U.S. Data Privacy Framework adequacy decision, allowing certified U.S. companies to receive personal data from the EU.
The framework introduces binding safeguards on U.S. intelligence access and establishes a Data Protection Review Court mechanism.
Organizations transferring data to the U.S. must verify recipient certification status and update transfer documentation accordingly. While adequacy simplifies transfers, companies must still maintain accountability and compliance audits.
This development significantly impacts multinational corporations, SaaS providers, and digital service companies.
Source: European Commission – Adequacy Decision
https://commission.europa.eu